identity metasystem in location based persistent
play

Identity Metasystem in Location Based Persistent Authentication - PowerPoint PPT Presentation

Dec 23, 2023 •339 likes •510 views

Identity Metasystem in Location Based Persistent Authentication EuroCAT 2009 European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy Hasan Ibne Akram M.Sc. Computer Science Fraunhofer Institute

  1. Identity Metasystem in Location Based Persistent Authentication EuroCAT 2009 European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy Hasan Ibne Akram M.Sc. Computer Science Fraunhofer Institute for Secure Information Technology Munich, Germany Munich University of Technology Munich, Germany

  2. Outline - Motivation - Introduction to PAISE - Privacy Principles for Smart Environments - Identity Metasystem - Identity Metasystem Technologies - OpenID - Windows CardSpace - Higgins - Proposed Architecture - Evaluation - Conclusion & Future Outlook

  3. 3 Motivation - Authentication in smart environment is traditionally device centric - If the device is stolen, there is a good chance of your identity being stolen - User can be impersonated - Traditional Location Tracking System (LTS), e.g., RFID, GPS etc. has been criticized by the privacy proponents - LTS is inherently lacks privacy principles EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  4. 4 Introduction to PAISE - A shift from device tracking paradigm to person tracking paradigm. - Person tracking using "Time-of-Flight" (TOF) cameras EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  5. 5 Privacy Principles for Smart Environments - Notice - Choice and Consent - Anonymity and Pseudonymity - Proximity and Locality EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  6. 6 Federated Identity 3 players of federation • Identity Provider Identity Metasystem • Relying Party • Subject/User EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  7. 7 Identity Metasystem C Com pi l er TCP/ I P I dent i t y M I dent i t y M et asyst em et asyst em Assem Assem bl y bl y Assem Assem bl y bl y Assem Assem bl y bl y Et her net Et her net Tokenr i ng Tokenr i ng 802. 11 802. 11 Ker ber os Ker ber os X. 509 X. 509 SAM SAM L L http://www.identityblog.com/stories/2005/07/05/IdentityMetasystem.htm EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  8. 8 Identity Metasystem Technologies –OpenID • Objective: Reduce username and password • Protocol was developed in 2005 • Main Features of OpenID – Light Weight Identity – Decentralized – Single-Sign-On • “ OpenID is a free and easy way to use a single digital identity across the Internet.” [ http://openid.net/ ] EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  9. 9 Identity Metasystem Technologies – Windows CardSpace • Windows CardSpaceis a client software from Microsoft which is a visual metaphor for identity selector for the end- user. • Windows CardSpace provides controlling power to the end- users on the fact that which information (about the end- users) should reach to the Relying Party and which should not. • It is shipped with Windows Vista (or as an add-on in Windows XP); it is not meant to replace the other standards handling digital identity rather to utilize and extend them. • CardSpace is token agnostic, i.e. it supports any token type i.e. SAML, OpenID, Kerberos or custom token type. EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  10. 10 Identity Metasystem Technologies – Higgins • An open source identity framework being developed at the Eclipse Foundation. • Higgins is a software infrastructure that supports consistence user experience that works with digital identity protocols, e.g. WS-Trust, OpenID, SAML, XDI, LDAP etc. • The main objective of the Higgins project is to manage multiple contexts, interoperability, define common interfaces for an identity system. • Various technologies including LDAP, SAML, WS-*, OpenID etc. can be plugged into the Higgins framework. EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  11. 11 Identity Metasystem Technologies Evaluation w.r.t. the Privacy Principles EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  12. 12 Proposed Architecture EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  13. 13 Evaluation 1. Notice 2. Choice and Consent 3. Anonymity and Pseudonymity 4. Proximity and Locality EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  14. 14 Conclusion &Future Outlook • Implementation of the architecture • Proof of Concept • Combining the Architecture with ProtectServe of Kantara Initiative Work Group - User Managed Access (UMA) – ProtectServe Specification • 4 Legged Scenario – User, IdP (the resource provider), RP (the consumer) and a Authorization Manager (AM) • Identity Dashboard • Web link: http://kantarainitiative.org/confluence/display/uma/Home EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  15. 15 Thank you for paying attention. Questions? Contact: hasan.akram@sit.fraunhofer.de EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based

Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based

Contents Background Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based Signature Conclusion Manik Lal Das DA-IICT, Gandhinagar, India About DA-IICT and Our Group DA-IICT is a private university,

563 views • 35 slides
Persistent Data Structures and Managed References Clo j ures approach to Identity and State

Persistent Data Structures and Managed References Clo j ures approach to Identity and State

Persistent Data Structures and Managed References Clo j ures approach to Identity and State Rich Hickey Agenda Functions and processes Identity, State, and Values Persistent Data Structures Clojures Managed References

534 views • 39 slides
Location Based Services for J2ME F. Ricci Content Location-based services What is a

Location Based Services for J2ME F. Ricci Content Location-based services What is a

Location Based Services for J2ME F. Ricci Content Location-based services What is a location How to obtain location data Satellites Cellular network Short range positioning beacons JSR 179 Location API

767 views • 59 slides
Identity-Based Cryptosystems and Quadratic Residuosity Marc Joye Proxy: Fabrice Benhamouda PKC

Identity-Based Cryptosystems and Quadratic Residuosity Marc Joye Proxy: Fabrice Benhamouda PKC

Identity-Based Encryption Cocks IBE Scheme Algebraic Structure Applications Conclusion Identity-Based Cryptosystems and Quadratic Residuosity Marc Joye Proxy: Fabrice Benhamouda PKC 2016 Tapei, Taiwan 1 / 20 Identity-Based Encryption

655 views • 38 slides
Location- -based Routing in based Routing in Location Sensor Networks Sensor Networks Jie Gao

Location- -based Routing in based Routing in Location Sensor Networks Sensor Networks Jie Gao

Location- -based Routing in based Routing in Location Sensor Networks Sensor Networks Jie Gao Computer Science Department Stony Brook University 9/22/05 Jie Gao, CSE590-fall05 1 Location- -based routing based routing Location

1.07k views • 62 slides
Large-Scale Systems (2): Legion Legion vision: Metasystem consisting of millions of hosts,

Large-Scale Systems (2): Legion Legion vision: Metasystem consisting of millions of hosts,

CPSC-662 Distributed Computing Object-Oriented Distributed Technology Large-Scale Systems (2): Legion Legion vision: Metasystem consisting of millions of hosts, billions of objects, co- existing in a loose confederation tied together with

90 views • 6 slides
Location, Location, Location, Location, Location: Location: GPS and Google Earth GPS and

Location, Location, Location, Location, Location: Location: GPS and Google Earth GPS and

Location, Location, Location, Location, Location: Location: GPS and Google Earth GPS and Google Earth South Carolina Conference for the Social Studies October 5, 2007 Myrtle Beach, SC Julia Davis judavis@richlandone.org MaryAnn Sansonetti

395 views • 12 slides
Who Are You? Who Are You? Identity and Location in IP Geoff Huston APNIC Addresses and the IP

Who Are You? Who Are You? Identity and Location in IP Geoff Huston APNIC Addresses and the IP

Who Are You? Who Are You? Identity and Location in IP Geoff Huston APNIC Addresses and the IP Architecture Addresses and the IP Architecture Architecturally, IP Addresses are: Drawn from a Stable Global space Intended to be used in

382 views • 25 slides
Internet Identity Workshop IIW 2008b Introduction Johannes Ernst NetMesh Inc.

Internet Identity Workshop IIW 2008b Introduction Johannes Ernst NetMesh Inc.

Internet Identity Workshop IIW 2008b Introduction Johannes Ernst NetMesh Inc. http://netmesh.info/jernst Johannes Ernst Modern Identity History Facebook Proprietary et al. Yadis URL-based Age of identity Card-based interop

1.01k views • 24 slides
Location Services Based on Location Services Based on Cellular Networks Cellular Networks Mikko

Location Services Based on Location Services Based on Cellular Networks Cellular Networks Mikko

Location Services Based on Location Services Based on Cellular Networks Cellular Networks Mikko Voipio Next Generation Wireless Networks November 31, 2005 Background Background A lot of information is location based Location is,

509 views • 18 slides
Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie Gao Jie Gao Computer Science Department Stony Brook University Papers Papers [Karp00] Karp, B. and Kung, H.T., Greedy Perimeter Stateless

605 views • 49 slides
Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie Gao Jie Gao Computer Science Department Stony Brook University 1 Papers Papers [Karp00] Karp, B. and Kung, H.T., Greedy Perimeter Stateless

493 views • 10 slides
Location- -based Routing in based Routing in Location Sensor Networks I Sensor Networks I Jie

Location- -based Routing in based Routing in Location Sensor Networks I Sensor Networks I Jie

Location- -based Routing in based Routing in Location Sensor Networks I Sensor Networks I Jie Gao Computer Science Department Stony Brook University 9/25/05 Jie Gao CSE590-fall06 1 Papers Papers [Karp00] Karp, B. and Kung, H.T.,

545 views • 51 slides
Galindo-Garcia Identity-Based Signature Revisited. Sanjit Chatterjee, Chethan Kamath and Vikas

Galindo-Garcia Identity-Based Signature Revisited. Sanjit Chatterjee, Chethan Kamath and Vikas

Galindo-Garcia Identity-Based Signature Revisited. Galindo-Garcia Identity-Based Signature Revisited. Sanjit Chatterjee, Chethan Kamath and Vikas Kumar Indian Institute of Science, Bangalore November 2, 2013 Galindo-Garcia Identity-Based

584 views • 57 slides
Attribute-Based Cryptography Lecture 21 And Pairing-Based Cryptography 1 Identity-Based

Attribute-Based Cryptography Lecture 21 And Pairing-Based Cryptography 1 Identity-Based

Attribute-Based Cryptography Lecture 21 And Pairing-Based Cryptography 1 Identity-Based Encryption 2 Identity-Based Encryption In PKE, KeyGen produces a random (PK,SK) pair 2 Identity-Based Encryption In PKE, KeyGen produces a random

1.47k views • 114 slides
Securing WSNs and the IoT: Performance Analysis of Identity-based Signatures Tobias Markmann

Securing WSNs and the IoT: Performance Analysis of Identity-based Signatures Tobias Markmann

Securing WSNs and the IoT: Performance Analysis of Identity-based Signatures Tobias Markmann tobias.markmann@haw-hamburg.de 23.04.2014 Outline 1. Introduction 2. Background 3. Identity-based Signature Schemes 4. Evaluation 5. Results 6.

1.06k views • 35 slides
2017 IGRINS Users Workshop 4 IGRINS Science Prog. Stats Kyoung Hee Kim T Tauri YSO

2017 IGRINS Users Workshop 4 IGRINS Science Prog. Stats Kyoung Hee Kim T Tauri YSO

Summarizing 2017 IGRINS Users Workshop 4 IGRINS Science Prog. Stats Kyoung Hee Kim T Tauri YSO Sung-Yong Yoon Class I YSO Sunkyung Park Spec. Lib. Huynh Anh NGC 7023 Ext. Sources Hye-In Lee CFA

283 views • 9 slides
Semantics and Logical Form Semantics and Logical Form Berlin Chen 2003 References: 1. Speech

Semantics and Logical Form Semantics and Logical Form Berlin Chen 2003 References: 1. Speech

Semantics and Logical Form Semantics and Logical Form Berlin Chen 2003 References: 1. Speech and Language Processing, chapter 14 2. Natural Language Understanding, chapter 8 3. Jim Martins lectures 1 Introduction Everyday

859 views • 45 slides
1 Implementation Snoop Caches Implementing Snooping Caches Write Races: Multiple processors

1 Implementation Snoop Caches Implementing Snooping Caches Write Races: Multiple processors

An Example Snoopy Protocol Invalidation protocol, write-back cache Each block of memory is in one state: Cache Coherence and Memory Clean in all caches and up-to-date in memory (Shared) Consistency OR Dirty in exactly one cache

507 views • 3 slides
CKM Fit and Model independent constraints on physics Beyond the Standard Model Achille Stocchi

CKM Fit and Model independent constraints on physics Beyond the Standard Model Achille Stocchi

CKM Fit and Model independent constraints on physics Beyond the Standard Model Achille Stocchi (LAL-Universite Paris-Sud/Orsay) On behalf of the UTFit Collaboration http://www.utfit.org 6th International Workshop on the CKM Unitarity Triangle

458 views • 17 slides
Introduction to Linux Kernel Some History . .

Introduction to Linux Kernel Some History . .

Introduction to Linux Kernel Some History . . Created by Linus Torvalds in 1991 Information Systems 21 year old Engineering Laboratory (ISEL) University of Helsinki,

572 views • 7 slides
Probability and Statistics for Computer Science All models are wrong, but some models are

Probability and Statistics for Computer Science All models are wrong, but some models are

Probability and Statistics for Computer Science All models are wrong, but some models are useful--- George Box Credit: wikipedia Hongye Liu, Teaching Assistant Prof, CS361, UIUC, 11.17.2020 Last time StochasOc Gradient Descent

813 views • 48 slides
LArIAT Calibration with Stopping Tracks LArTPC Calibration & Reconstruction Workshop

LArIAT Calibration with Stopping Tracks LArTPC Calibration & Reconstruction Workshop

LArIAT Calibration with Stopping Tracks LArTPC Calibration & Reconstruction Workshop December 10-11, 2018 Jen Raaf LArIAT TPC Caveats: Small! Tabletop-sized, and so does not have some of the same challenges

603 views • 36 slides
Kernel level task management 1. Advanced/scalable task management schemes 2. (Multi-core) CPU

Kernel level task management 1. Advanced/scalable task management schemes 2. (Multi-core) CPU

Advanced Operating Systems MS degree in Computer Engineering University of Rome Tor Vergata Lecturer: Francesco Quaglia Kernel level task management 1. Advanced/scalable task management schemes 2. (Multi-core) CPU scheduling approaches 3.

1.49k views • 146 slides

More recommend